wellnesswarrior.monster
2606:4700:3033::6815:4bd3  Malicious Activity!

URL: https://wellnesswarrior.monster/newsv/
Submission: On March 28 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3033::6815:4bd3, located in United States and belongs to CLOUDFLARENET, US. The main domain is wellnesswarrior.monster.
TLS certificate: Issued by GTS CA 1P5 on February 29th 2024. Valid for: 3 months.
This is the only time wellnesswarrior.monster was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

IP Address / AS (Autonomous System), by request count
22  2606:4700:303...  13335 (CLOUDFLAR...)
3   13.35.93.100      16509 (AMAZON-02)
2   2001:67c:21e0...  2116 (GLOBALCON...)
Total: 29 requests, 4 IPs

Apex Domain / Subdomains / Transfer, by request count
22  wellnesswarrior.monster  wellnesswarrior.monster  4 MB
3   helthjem.no  embed.ministore.helthjem.no (Cisco Umbrella Rank: 807720), ministore.helthjem.no (Failed)  91 KB
2   vg.no  www.vg.no (Cisco Umbrella Rank: 139164), ads.vg.no (Failed)  43 KB
Total: 29 requests, 3 apex domains

Domain / Requested by, by request count
22  wellnesswarrior.monster  requested by wellnesswarrior.monster
3   embed.ministore.helthjem.no  requested by wellnesswarrior.monster, embed.ministore.helthjem.no
2   www.vg.no  requested by wellnesswarrior.monster
0   ads.vg.no (Failed)  requested by www.vg.no
0   ministore.helthjem.no (Failed)  requested by wellnesswarrior.monster
Total: 29 requests, 5 domains

This site contains links to these domains.

Domain: bypassxr.com
TLS certificates (Subject / Issuer / Validity / Valid for)
wellnesswarrior.monster  GTS CA 1P5  2024-02-29 to 2024-05-29  3 months
embed.ministore.helthjem.no  Amazon RSA 2048 M02  2024-02-04 to 2025-03-04  a year
vg.no  ZeroSSL RSA Domain Secure Site CA  2024-03-27 to 2024-06-25  3 months

This page contains 1 frames:

Primary Page: https://wellnesswarrior.monster/newsv/
Frame ID: 6693612E5E572675300A4006EA2670F9
Requests: 29 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 29
HTTPS: 93 %
IPv6: 67 %
Domains: 3
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 4214 kB
Size: 4414 kB
Cookies: 0

29 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /  wellnesswarrior.monster/newsv/  84 KB  19 KB  Document
General
Full URL
https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
5711fdc2531262a7bdeb24784eab344ceadb86c1cb27d3e3251cf513156467e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86b89776fa4b4282-EWR
content-encoding
br
content-type
text/html
date
Thu, 28 Mar 2024 15:18:15 GMT
last-modified
Thu, 14 Mar 2024 10:42:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QumK6wajHuet13dc3b1Bm2ck3QA%2Bk2vlE8LaikmGGabxzPD1XTYF2GFqqYviNwF25zAHgUVZz9McgJ5qLn6TU%2BV6K3zY7GVNtVJz%2FweJRVyrF9UjXUmISEnm%2FcyPbOB2DO52xfjLz%2FKJ5yudDgU3jFAOUkkZlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
reset.css  wellnesswarrior.monster/newsv/css/  4 KB  2 KB  Stylesheet
General
Full URL
https://wellnesswarrior.monster/newsv/css/reset.css
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
86f631cb7d1cb06e7dffa796fa706b9e4b768d047f7ab52cb2e5b6909395b6a5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f2d48c-103f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pfKiMlCHgEgSMyDfqPs1W3x0zIDzrxBaR1jyuXiQ%2FMDrb9TcRhkDsls8dCiNqymrVweVk7GUlvosjWJ7DWXLWVFAKvDB1guUpldydUVlEBs%2B85Tgh%2FSAfr9JC0913n%2BKRxJaJrz0Sq5MwRZpPdo6w3YLlN%2FmnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
86b897784bd14282-EWR
alt-svc
h3=":443"; ma=86400
style.css  wellnesswarrior.monster/newsv/css/  85 KB  11 KB  Stylesheet
General
Full URL
https://wellnesswarrior.monster/newsv/css/style.css
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
17d9be9c7e268da7806d8dd45d85ebefd87256800161057b2b28acb8a022a651

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f2d48c-15429"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FrBAASne2Qs7fz45IdlMf93ixExy0dcayuJL9bPbQRAT3cJRqSGwairLK0o%2FCaAH2WP0R1JPyn5T1Vp1Lni1M29NCAe4FHfqzCFUxuvlfa%2FO08DJJ%2FNDyHViKmCo%2Bhu%2BR8WEMWeDQcjJdEIg4G44F1jmLm8DMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
86b897784bd64282-EWR
alt-svc
h3=":443"; ma=86400
dater.js  wellnesswarrior.monster/newsv/js/  530 B  701 B  Script
General
Full URL
https://wellnesswarrior.monster/newsv/js/dater.js
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
8307a5cedddfc8ae99f3e949aadca7efc93f624a9bf0fba7b45337d5190f74ec

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f2d497-212"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nC10ylmRBQVNSjhcJrIawipY7HFBQxI7qx5%2Ffu4MjEhcJH9gdLKs%2Fc0ItN5p6IxeMl2KqT3kQ%2BIS%2FiC8RHn1JkX8nmsjhGmQWf%2F%2Bp%2FFvgnYQZ2APUZT0NY%2BAzxoWObzG6RkiJNHoIATj%2B6BGJ7Y5DtDHxy6mdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86b897784bd74282-EWR
alt-svc
h3=":443"; ma=86400
ministore.pro.embed.js  embed.ministore.helthjem.no/  2 KB  1 KB  Script
General
Full URL
https://embed.ministore.helthjem.no/ministore.pro.embed.js
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.35.93.100, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-35-93-100.jfk50.r.cloudfront.net
Software
AmazonS3
Resource Hash
331a3e8f56dae80ad2fd615119b0b9f3c9c198309055607fcd836286269b3bdc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 19:55:04 GMT
content-encoding
gzip
via
1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
last-modified
Wed, 27 Oct 2021 12:07:43 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
69792
etag
W/"600397576e0b8f1a50cae36b2ae5c2a2"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
t430QZbr5so8wqLt1rzDyxkOjxum3BGWD8v2BVlN-GWvePfHxtPhBA==
sideStore.embed.min.js  ministore.helthjem.no/  0  0  Failed

midt-i-blinken-latest.js  www.vg.no/vgc/blink/  2 KB  2 KB  Script
General
Full URL
https://www.vg.no/vgc/blink/midt-i-blinken-latest.js
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2001:67c:21e0::16, Norway, ASN2116 (GLOBALCONNECT-, NO)
Resource Hash
518e9f979463b4322ee6b3bed23f65194542ebd5aaf16889daf1c7d4decf8d99
Security Headers
Strict-Transport-Security: max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
content-encoding
br
strict-transport-security
max-age=15552000
age
0
x-vg-tlsproxy
u89-tlsproxy-02.int.vgnett.no
x-cache
HIT:1424
x-vg-webcache
u89-varnish-01
x-age
622
content-length
1370
x-varnish-director
static_web
x-vg-webserver
static-web-01
last-modified
Wed, 10 Jan 2024 08:31:06 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
max-age=3600
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
expires
Thu, 28 Mar 2024 16:07:53 GMT
steinh1.jpg  wellnesswarrior.monster/newsv/images/  114 KB  114 KB  Image
General
Full URL
https://wellnesswarrior.monster/newsv/images/steinh1.jpg
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
37dd128d79de2212d6eeacda66e2c7e7963571f8604c4413c0fdd1f5e4f6faa3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f2d48e-1c7f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mO6N4oeNWXLpGzRStfLLNu640qe6J2AyF2jw3syp3s1v9Cu1MH09O1wvVrmrlK9hDA4%2BTkwA45p57UIwjnN2vuHDsgUbIW1IAfAM5kABWGNPivOjKiI8b%2BjPVdQG5JRO1ArncenjWu%2FEGfWh3BxhPdrSiaxsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b897784bd94282-EWR
alt-svc
h3=":443"; ma=86400
content-length
116720
x2.jpg  wellnesswarrior.monster/newsv/images/  80 KB  80 KB  Image
General
Full URL
https://wellnesswarrior.monster/newsv/images/x2.jpg
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
641732267911d2ba6f8634a26edabf54a3d2ac33c2005a7520ac609c92ee7778

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f2d48e-13e7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Okda7pKVd68zAfrFbVhRklTJXmlH5jP0SXReNGREMeCgAJpFRoz5k6IwHrEJS6hWqXa%2F0KKcG5bN5d3ZlF2qg7TdaxUnZfNfghmzbMpr35%2Bnja7s6VH4w0DpnWn3MKybuheH4Vr8it2T07wEUjeUiuVYVMgHuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b897784bdc4282-EWR
alt-svc
h3=":443"; ma=86400
content-length
81533
steinh3.jpg  wellnesswarrior.monster/newsv/images/  92 KB  92 KB  Image
General
Full URL
https://wellnesswarrior.monster/newsv/images/steinh3.jpg
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
38e9efbb6c2bcc211492a0ed7eeaa5ceb7d7c52fcc69f03acd4ca360c6a2d978

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f2d48f-16fd6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T3pcl2bSgNKX4S4FtdpJBh6LwaE5SDALR8gMm7GrM8BoaZGfUQfKxnxjoQTqAP%2BVEF2dn3FCNkzSlxKo2fb5pxOMswFh0L110AwdJgpVP72qkkSNzsOJV46pgDA25s%2FXB94MFagDEsMlNveSKxC8K06fijkoFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b897784bde4282-EWR
alt-svc
h3=":443"; ma=86400
content-length
94166
muskbranson.jpg  wellnesswarrior.monster/newsv/images/  160 KB  160 KB  Image
General
Full URL
https://wellnesswarrior.monster/newsv/images/muskbranson.jpg
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
50b0010a63d5ede70e4e7c8e005892248e19117182e7634f89c956bbc23ac69b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f2d495-27ea3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQY5nCI8nzwgH9Pl0qpWINtrVeiaDZf9H8uRj3Vw%2Ft8pmbFcvuXNe3FidmFMk7rUHzonif77%2F5%2B%2Bz28chnEoSXJ6gN0itdXKvHva2D%2FzN17gnPUzNHvA7i4P4CrJLbTuRoryVrvy%2By4MLPp1lhfUJsDfsEQhJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b897797d7b4282-EWR
alt-svc
h3=":443"; ma=86400
content-length
163491
dreamcar.jpg  wellnesswarrior.monster/newsv/images/  160 KB  160 KB  Image
General
Full URL
https://wellnesswarrior.monster/newsv/images/dreamcar.jpg
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
a3525ffd53596d03588ff1bceb57b5571395e10dae94c39a9cb1db4dcaf3d31b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f2d491-27eee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFx5t4LTOkEyYbx099VNeNe4c8CivEpK5S5yr9TRLbnhB9BSVTu%2FxAf%2FRtDq%2FLwjnLZYp6FOiiYFPfgIJ5jDMpy3SbBP%2FIKBLG9fIVMXugEON%2Bt18YnD1mjANL0McmP4sQ3iECMQ%2F0OIzlm6bpTFoRcYnFemmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b897797d834282-EWR
alt-svc
h3=":443"; ma=86400
content-length
163566
scandi-family.jpg  wellnesswarrior.monster/newsv/images/  69 KB  70 KB  Image
General
Full URL
https://wellnesswarrior.monster/newsv/images/scandi-family.jpg
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
89de577de8f862e95a454c41ac90d87fbe4cec0d1a904cbdae70c2f5c0a4d430

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f2d491-114d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0vd9BmuNu5CX6PPy%2FtVtPMJqiVKTZe6XhMth8n5b0H%2FYPwCP5df%2BDCi5VAV%2Bzqb%2FkUpW%2BO0M0GwUKLIwiqcFbyjfj5gAY8XLrQoEsA0hF5ICDgbTBlT0PmUqk7ge45rV4DpKocKrrRghxt20scXIGxpt6f64hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b897798d924282-EWR
alt-svc
h3=":443"; ma=86400
content-length
70872
EmbellishedDeliriousArmyworm-size_restricted.gif  wellnesswarrior.monster/newsv/images/  3 MB  3 MB  Image
General
Full URL
https://wellnesswarrior.monster/newsv/images/EmbellishedDeliriousArmyworm-size_restricted.gif
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
2492de52faf6aa14ac467a3d8bb2011200cb65f1b45c491413269139fcf9bc8b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f2d490-2d84f6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ajNOrcsWl95Hm9Pi0FPTyISxXYV1D4ixymxGg6yAlmvhK0jkZ5SaAW32pIoHN3VuA4YVm%2Bd%2F6%2BmagRMfUZgLIv841g2BnwXUTshl%2BVoR%2BDuc4bv5ciP8BcAhVwlIpSjuzIXMbQuVWNg15fHNoeHbt7jtnh5SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b897798d964282-EWR
alt-svc
h3=":443"; ma=86400
content-length
2983158
NO-check-Jahn.jpg  wellnesswarrior.monster/newsv/images/  147 KB  148 KB  Image
General
Full URL
https://wellnesswarrior.monster/newsv/images/NO-check-Jahn.jpg
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
0bb3b8853d8380d5c2f2688728e2fc4f8f27aa7ad9845ce1d0c531e9c43bf6d2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f2d493-24dfe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9BzxYUgdyNYhFbemjMv67weDltALGh%2FAPXxMBfLJJyyzf1wvD6Yv%2Fxkzd7cR%2FzCBTAXBXF%2FyDXxtpc%2FF%2FM566b1JIIaoC%2FsyOvj%2FNo44%2B4vH6irv58wH602zF3yY6OXIhf8CMAyXXYu1k9OzT5nRwENyKIJCAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b897798d974282-EWR
alt-svc
h3=":443"; ma=86400
content-length
151038
prod1.jpg  wellnesswarrior.monster/newsv/images/  48 KB  48 KB  Image
General
Full URL
https://wellnesswarrior.monster/newsv/images/prod1.jpg
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
6cfcfc9ed11fa644d9b6d01eaf30ceabdbc4cd21fe26b173e5a0452eebbb452b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f2d495-be5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=czEKgwqeyUYfxa%2FrFUbRCU12rkYa8Dpg5lAL8KGZLIHwrQA54Z6nqtn%2FCA9b9wI%2FyJtv5adUY5gCnmqt0ITjXNTk7KRPP4pTQh6yQzKsrz%2B7dxo6caUWav%2BuaRVVNfamesSrXz9X2emmPAKSC1wSXFR3vJDP4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b897798d994282-EWR
alt-svc
h3=":443"; ma=86400
content-length
48734
step2-NO.jpg  wellnesswarrior.monster/newsv/images/  110 KB  111 KB  Image
General
Full URL
https://wellnesswarrior.monster/newsv/images/step2-NO.jpg
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
018a0e998aad724f04245028a7e006e29c2173d747de8690e7a4a301955788a8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f2d491-1b80f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bV4fPETP0MMrrwRtddAbCTmwizqG%2FMfO1GgTmNPjWKEJV20jDF%2B4Q2GYyYPq7NvrsAd06HoHwpaQilfikW1kGgXNwAS%2F9I63yluvruB5rsXxAVna%2FhyUQBMnGUFmO6AdoW5xnfXxyYJbce%2BzFEHw4rhpCIU1DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b897798d9a4282-EWR
alt-svc
h3=":443"; ma=86400
content-length
112655
step3-NO.jpg  wellnesswarrior.monster/newsv/images/  108 KB  108 KB  Image
General
Full URL
https://wellnesswarrior.monster/newsv/images/step3-NO.jpg
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
fa706277ed531a79b46def6c11ccc4ef6c6e070842ad43d99baf7b17aa9526e5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f2d494-1af22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2BpD8H2FBzDnMG0WtTHCIzCIoBcQpuhZ%2Fq%2FJeZmzvLDlx47M3xz8EjZKH7lt6oH%2Fa1v4FlotaNNNm2yJZl%2BT%2B3pDY3DYL19ApdCCGYCrk8aKCrjThelZrkRdSLT%2BVq6Ty8r9SSLVUAzWttEm3j08mAcPi9pV8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86b897798d9b4282-EWR
alt-svc
h3=":443"; ma=86400
content-length
110370
email-decode.min.js  wellnesswarrior.monster/cdn-cgi/scripts/5c5dd728/cloudflare-static/  1 KB  1 KB  Script
General
Full URL
https://wellnesswarrior.monster/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 22 Mar 2024 11:37:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65fd6d96-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KOwYoAVlHhNW9eKZIAqTkhYHijUx7OxGBcDhaBqQVH21glvZmAXLx3Sn8dquzXRhpNdLJgTOc8cHDMTB1zK4EWSILlE3Mwgd9mDYQBfP3LM%2FpNe57DCd4RX9eEl34p97kT7NZBMX29P2SvcqAkvNJ8GqKx9yWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
86b897798d874282-EWR
expires
Sat, 30 Mar 2024 15:18:15 GMT
jquery.min.js  wellnesswarrior.monster/newsv/js/  94 KB  34 KB  Script
General
Full URL
https://wellnesswarrior.monster/newsv/js/jquery.min.js
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f2d497-176d5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LkJZpXxe4pSvS1NOkJXu%2BF9QFF86XAwUBPketreJhbQj37vUIZSC2XzvBqUK%2BX6bCUBn7dAtROt9ngqGTqaKPH16WUKrQrS9yErjk6aLjt6aaoOB88WUaVvmwq2mWpeGSaJJUiWZkPGWP6NRzP5i%2FO02v7zNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86b897798d8a4282-EWR
alt-svc
h3=":443"; ma=86400
getdetector.js  wellnesswarrior.monster/newsv/js/  218 B  621 B  Script
General
Full URL
https://wellnesswarrior.monster/newsv/js/getdetector.js
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3033::6815:4bd3, United States, ASN13335 (CLOUDFLARENET, US)
Software
cloudflare
Resource Hash
06c0faf9c4fb7fcb5da73849515ed850b0ca585094d9b582aa859120a20c71f6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f2d497-da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DhY0UfeDDgFqUjy62v8ifYTfInevVsKq23gyZq0xbjHGlU2j3MrIEcfTZ74cPcMyKT90v1ul5i3ML3Uku%2BDBmGp83adVuNMKVBBfq8RRqhDBY0mlnRoQm0z16nyglAa2gSmaVP0TUWl%2BAA8D%2BRsqwrd53OQBTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86b897798d8c4282-EWR
alt-svc
h3=":443"; ma=86400
script_new.js
wellnesswarrior.monster/newsv/js/
3 KB
2 KB
Script
General
Full URL
https://wellnesswarrior.monster/newsv/js/script_new.js
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4bd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
903d9bc642e3efac857e2f689b2161a8e353b5789a4d874c41234e6eba8e09b3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f2d496-bbc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gIFv2W8x3f8GVBYZy37l1Yr88sQzgYDM4%2F7YKxCxTWbIm7QuEyetoL8mPU%2BUZ%2BweqlbkC584XYk0CPzQFK4zZ%2BgGVTVnnr%2FiU2bC0qcHK8LB3AO77%2FcgMFhUUA02mPFz0hdM%2FaE214pdFPKp7dqgt5NcgL4D2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86b897798d8e4282-EWR
alt-svc
h3=":443"; ma=86400
script.js
wellnesswarrior.monster/newsv/js/
3 KB
2 KB
Script
General
Full URL
https://wellnesswarrior.monster/newsv/js/script.js
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4bd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c12d192138c5aff895cb1305032edb9dab61bdf2879144a9825abe9828932cd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f2d497-d92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2OqKdOtqtbUyUzW%2FUZei4nmp%2B1dbHLzINhkaTs%2FS%2BnJc2sMZ%2BTYuY60xf7WptjwWK%2F4mhEhrqBqDEv0u%2FuuaApg1w6IU2nXHqujuX6bK3nvT2NgCuPYiflqi9S6p1gG3lIiGKHx9cyBYOsfznTGucNgN7c9IvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86b897798d8f4282-EWR
alt-svc
h3=":443"; ma=86400
sheet-script.js
wellnesswarrior.monster/newsv/js/
2 KB
1 KB
Script
General
Full URL
https://wellnesswarrior.monster/newsv/js/sheet-script.js
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4bd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77cb860f2b94b87572f1559f55ad91757cf9b13c4071e0f773cbe0fe34e78ca8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Mar 2024 10:42:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65f2d497-9a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=etc3s1yeaU2%2BCb8dV8DFS%2FnNOHxmhOKoXCThjYJOVBXVA%2FjY9EMn%2BaxhFp%2BnMt3k0NSL7DfbRZ8%2BOG%2BAFuBCZ2oRwImYMDQJQTiAYjRHfFxt76uqaclrfUoiMWui1vDhDyHRQUxvz1JG34WpKb3%2BnGFJU5X%2F9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86b897798d904282-EWR
alt-svc
h3=":443"; ma=86400
Inter-roman.var.subset.woff2
www.vg.no/vgc/font-spesial/Inter/3.15/
41 KB
41 KB
Font
General
Full URL
https://www.vg.no/vgc/font-spesial/Inter/3.15/Inter-roman.var.subset.woff2
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:21e0::16 , Norway, ASN2116 (GLOBALCONNECT-, NO),
Reverse DNS
Software
/
Resource Hash
e793402f00190c189be5fa4a77cce2489798d6b5f72f28b0c626eb25e378f74a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/
Origin
https://wellnesswarrior.monster
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:15 GMT
strict-transport-security
max-age=15552000
age
0
x-vg-tlsproxy
u89-tlsproxy-01.int.vgnett.no
x-cache
HIT:773163
x-vg-webcache
u89-varnish-01
x-age
1365412
content-length
41664
x-varnish-director
static_web
last-modified
Fri, 09 Oct 2020 13:22:36 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-platform-version
vary
User-Agent,Origin
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=15552000, immutable
permissions-policy
ch-ua-model=*,ch-ua-platform-version=*
accept-ranges
bytes
expires
Sun, 08 Sep 2024 20:01:23 GMT
ministore.pro.embed.css
embed.ministore.helthjem.no/
2 KB
1 KB
Stylesheet
General
Full URL
https://embed.ministore.helthjem.no/ministore.pro.embed.css?1711639095770
Requested by
Host: embed.ministore.helthjem.no
URL: https://embed.ministore.helthjem.no/ministore.pro.embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-100.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc1cdff472e435f66146803f1e3c7a84afc8d7fd1739c521aef754545857f231

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 09:09:26 GMT
content-encoding
br
via
1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
last-modified
Thu, 28 Oct 2021 20:59:10 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
22130
etag
W/"fe0a64ae5384a4f9a11c86e4e8e579c9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
RmX_BVQLLqVblmfydCILj2MvNURlm12rSVFfj0BAvgeQaCgumwbf5w==
anton_logo.5c86ba78.png
embed.ministore.helthjem.no/static/media/
88 KB
89 KB
Image
General
Full URL
https://embed.ministore.helthjem.no/static/media/anton_logo.5c86ba78.png
Requested by
Host: wellnesswarrior.monster
URL: https://wellnesswarrior.monster/newsv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-100.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bd9f81d4a7d73f0c61fd1c95cc6bb1d668efb764e1825d109de9ecb93fdcf06

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:01:38 GMT
via
1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
last-modified
Sun, 19 Dec 2021 20:48:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
1488
etag
"5569228caa0b9b7b81e937c951ba0b78"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
90538
x-amz-cf-id
sJiA9dE1avj5DmwJqJ9axnIhMLgl3cHIaSL87JMIKZ73CXUJvsX96A==
fresk.js
ads.vg.no/
0
0

favicon.ico
wellnesswarrior.monster/
564 B
593 B
Other
General
Full URL
https://wellnesswarrior.monster/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4bd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wellnesswarrior.monster/newsv/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 15:18:16 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VaDtVEkvSrX4kQsp2hhe3WG9GWrv0SZiSKLjW9EQ87f3dL0xRGuZd13%2Bb6rer%2Bs57m1M7kzQD3FJMDIkUja0VVB1vCmPH8TqdEsVt94Aw0EaSLD%2BkjbGkS4lCj1UaWHnPvDK2csKuEhf2A39fFZ3EbIOzEegHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
86b8977dfbee4282-EWR
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ministore.helthjem.no
URL
https://ministore.helthjem.no/sideStore.embed.min.js
Domain
ads.vg.no
URL
https://ads.vg.no/fresk.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    | onpagereveal
string    | url
function  | getParameterByName
object    | pathNameValue
function  | dater
function  | $
function  | jQuery
function  | Tree
boolean   | PreventExitPop
function  | ExitPop
object    | jQuery111307560977842591716
function  | getMonthName
object    | $range_depos
object    | $range_time
number    | min_depos
number    | max_depos
number    | min_time
number    | max_time
undefined | depos_data
undefined | time_data
object    | SheetScript

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://wellnesswarrior.monster/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://wellnesswarrior.monster/newsv/
Message:
Access to script at 'https://ads.vg.no/fresk.js' from origin 'https://wellnesswarrior.monster' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ads.vg.no/fresk.js
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.vg.no
embed.ministore.helthjem.no
ministore.helthjem.no
wellnesswarrior.monster
www.vg.no
ads.vg.no
ministore.helthjem.no
13.35.93.100
2001:67c:21e0::16
2606:4700:3033::6815:4bd3